Keeping Your Images from Adorning Other Sites

Webmasters are ever searching for ways to make their sites look
cool and attractive. One way is to dress it up with images,
logos, and other graphics--sometimes referred to as 'eye candy.'
Of course, if you happen to be in the forefront of this in any way,
you run the risk of having others cadge your art in order to
dress up their sites. And they probably won't even ask
permission nor pay you a royalty, either.

Webmasters are ever searching for ways to make their sites look
cool and attractive. Of course, if you happen to be in the forefront of this in any way, you run the risk of having others cadge your art to dress up their sites. This article shows how you can use Apache configuration directives to limit access to your art so that it's more difficult to use elsewhere.

This article shows how you can use Apache configuration directives to
limit access to your art so that it's more difficult to use elsewhere.

The first type not only causes your images to prettify someone
else's site, but hurts you more directly because visitors to
their site are hammering yours to get the images. Your log files get
filled with access request entries, your bandwidth gets used -- and
you're getting no benefit from it. This type of theft is almost completely
preventable.

The second type of theft is more insidious. The 'borrower' doesn't
cause your site to get pounded on for access to the images, since they've
been copied to the borrower's site, but you probably weren't given
any credit for the artwork--and you probably don't even know the
theft happened. Because of the way the Web works, this type of theft
can't really be prevented, but you can at least make it a little more
difficult.

You can't completely prevent either of these, of course, but you
can make them more difficult to do.

You're probably not going to want to protect every document
on your site. Even if you do, for the sake of this article I'm
assuming you only want to protect your artwork. So how do you
indicate that the rules only apply to them? With directives such
as the following in your server config files:

You can put a container such as this inside a
<Directory> container, or inside a
<VirtualHost> container, or outside any containers at all
(in which case it applies to all such files on your server), or
even inside .htaccess files. Put it wherever it makes
sense to protect what you want protected.

Down on the wire, where the browsers, spiders, and servers live, every
request for a Web page includes a component called the
HTTP request header. This contains information about the
request, such as the user's preferred languages, the types of documents
the client is able to handle -- and not least, the name of the item being
requested. This information is conveyed in a series of name/value
pairs called header fields.